package com.xuecheng.govern.gateway.filter;

import com.alibaba.fastjson.JSON;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import com.xuecheng.framework.model.response.CommonCode;
import com.xuecheng.framework.model.response.ResponseResult;
import com.xuecheng.govern.gateway.service.AuthService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author: gongfy
 * @create: 2020/9/15 10:14
 * @Description: 用户身份校验过滤
 */
@Component
public class LoginFliter extends ZuulFilter {

    @Autowired
    private AuthService authService;

    @Override
    public String filterType() {
        return "pre";
    }

    @Override
    public int filterOrder() {
        return 0;
    }

    @Override
    public boolean shouldFilter() {
        return true;
    }

    @Override
    public Object run() throws ZuulException {
        RequestContext requestContext = RequestContext.getCurrentContext();
        HttpServletResponse response = requestContext.getResponse();
        HttpServletRequest request = requestContext.getRequest();

        //1、从cookie查询用户身份令牌是否存在，不存在则拒绝访问
        String cookie = authService.getTokenFromCookie(request);
        if (StringUtils.isEmpty(cookie)) {
            this.accessDenied(requestContext, response);
            return null;
        }
        //2、从http header查询jwt令牌是否存在，不存在则拒绝访问eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55SWQiOiIxIiwidXNlcnBpYyI6bnVsbCwidXNlcl9uYW1lIjoiaXRjYXN0Iiwic2NvcGUiOlsiYXBwIl0sIm5hbWUiOiJKYW1lc0ZlaXl1ZSIsInV0eXBlIjoiMTAxMDAyIiwiaWQiOiI0OSIsImV4cCI6MTYwMDU1MDEwNSwiYXV0aG9yaXRpZXMiOlsiY291cnNlX2ZpbmRfbGlzdCIsImNvdXJzZV9maW5kX3BpYyJdLCJqdGkiOiIyNDgyZmM0Ny0wNGIzLTRlNjQtODY4MC1jMWQ4ZjlmOTEyM2UiLCJjbGllbnRfaWQiOiJYY1dlYkFwcCJ9.H7NUXBykwbfnj-v4CMHneaubCX1P7fRyDTGS4BID1Z6PhWGk4rhwuDJbL5v02wES3LH5uQB5ZRAgOnurD5ig_aPny-0nyyl9iI-8WvSEvUA2NINgQjH3vUhT19EhtMSH6v8QJ9rVTt1nvEOQrOkD3iKyqsggmS6AX8E4xxd4j24FxFZn9oT0gliyAlBJT7ob05kZ7Fu3Z7VzIJIpEKytg0uuKdxU3MAJShkGjLAFxi-qLiyWn5zzxM5V77relgun8NI3UBgcSJfriatAoqAIBwI4O3YzqsYHkBhNFklQaUFD6t2G1y8JC3EMs8F-sEU_kuSxRaK_Fq0Bz1C_kUZ6ew
        String token = authService.getTokenFromHeader(request);
        if (StringUtils.isEmpty(token)) {
            this.accessDenied(requestContext, response);
            return null;
        }
        //3、从Redis查询user_token令牌是否过期，过期则拒绝访问
//        long expire = authService.getExpire(cookie);
//        if (expire <= 0) {
//            this.accessDenied(requestContext, response);
//            return null;
//        }
        return null;
    }

    //拒绝访问，不在向下路由转发,提示此操作需要登陆系统
    private void accessDenied(RequestContext requestContext, HttpServletResponse response) {
        requestContext.setSendZuulResponse(false);// 拒绝访问，不在向下路由转发
        requestContext.setResponseStatusCode(200);

        ResponseResult responseResult = new ResponseResult(CommonCode.UNAUTHENTICATED);
        String jsonString = JSON.toJSONString(responseResult);
        requestContext.setResponseBody(jsonString);
        response.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
    }
}
